-
漏洞讨论

The Apache Software Foundation has reported a vulnerability in the prefork MPM (Multi-Processing Module) that could result in a temporary denial of service condition.

-
漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

-
解决方案

This issue is addressed with the release of Apache 2.0.47. Users are advised to upgrade.

Conectiva has released advisory CLA-2003:698 to address this issue. Further information regarding obtaining and applying fixes can be found in the referenced advisory.

Mandrake has released advisory MDKSA-2003:075 to address this issue. See referenced advisory for additional details and fix information.

Red Hat has released advisory RHSA-2003:240-01 to address this issue.

HP has released advisory HPSBUX0309-278 to address this issue.

Trustix has released advisory 2003-0025 to address this issue.

Red Hat has released advisory RHSA-2003:244-07 to address this issue in their Linux Enterprise software. Relevant patches are available through the Red Hat Network. See the referenced advisory for additional details.

SGI has released an advisory (20031002-01-U) pertaining to their ProPack Linux distribution. The advisory has been released in response to a number of RHSA advisories, and includes a patch (Patch 10027) containing updated RPM packages relating to 22 different BIDS.

Patch 10027 can be obtained via the following link:
http://support.sgi.com/

For information regarding how to obtain individual RPM packages included in Patch 10027, please see the attached advisory.